In an announcement released late on Friday, November 14, 2008, the Massachusetts Office of Consumer Affairs and Business Regulation (?OCABR?) extended the general deadline for compliance with that state?s new data security regulation to May 1, 2009. The original compliance deadline was January 1, 2009.

In addition to establishing the new May 1, 2009 general compliance deadline, the Friday announcement extended until January 1, 2010 the deadlines for encrypting non-laptop portable devices and obtaining compliance certifications from vendors that have access to personal information of Massachusetts residents.

Please see full bulletin for more information.